mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00

Handle cookies better by setting the right flags & expiration

Quentin Gliech
2023-08-24 17:38:33 +02:00
parent 2405a3c061
commit a39f71c181
31 changed files with 242 additions and 167 deletions


@@ -18,11 +18,10 @@ use axum::{
extract::{Path, State},
response::{Html, IntoResponse, Response},
};
use axum_extra::extract::PrivateCookieJar;
use hyper::StatusCode;
use mas_axum_utils::{csrf::CsrfExt, SessionInfoExt};
use mas_axum_utils::{cookies::CookieJar, csrf::CsrfExt, SessionInfoExt};
use mas_data_model::{AuthorizationGrant, BrowserSession, Client, Device};
use mas_keystore::{Encrypter, Keystore};
use mas_keystore::Keystore;
use mas_policy::{EvaluationResult, PolicyFactory};
use mas_router::{PostAuthAction, Route, UrlBuilder};
use mas_storage::{
@@ -96,7 +95,7 @@ pub(crate) async fn get(
State(url_builder): State<UrlBuilder>,
State(key_store): State<Keystore>,
mut repo: BoxRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
cookie_jar: CookieJar,
Path(grant_id): Path<Ulid>,
) -> Result<Response, RouteError> {
let (session_info, cookie_jar) = cookie_jar.session_info();
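Review bot: The new `cookie_jar: CookieJar` parameter of `get` no longer names `Encrypter`, so the handler signature no longer shows whether the session cookie is still encrypted and authenticated. That guarantee, along with the flags and expiration the commit title mentions, now rests entirely on `mas_axum_utils::cookies::CookieJar`, whose definition is not visible in this section. Once confirmed against the wrapper, a one-line comment at the parameter would help, for example `// CookieJar: project wrapper; cookie encryption and Secure/HttpOnly/SameSite/expiry are applied there`. A test asserting those attributes on the emitted `Set-Cookie` header would pin the behaviour. The same applies to `get` in the second file section and to `get` and `post` in the third; the body of `get` continues outside this hunk.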


@@ -18,11 +18,10 @@ use axum::{
extract::{Form, State},
response::{Html, IntoResponse, Response},
};
use axum_extra::extract::PrivateCookieJar;
use hyper::StatusCode;
use mas_axum_utils::{csrf::CsrfExt, SessionInfoExt};
use mas_axum_utils::{cookies::CookieJar, csrf::CsrfExt, SessionInfoExt};
use mas_data_model::{AuthorizationCode, Pkce};
use mas_keystore::{Encrypter, Keystore};
use mas_keystore::Keystore;
use mas_policy::PolicyFactory;
use mas_router::{PostAuthAction, Route, UrlBuilder};
use mas_storage::{
@@ -146,7 +145,7 @@ pub(crate) async fn get(
State(key_store): State<Keystore>,
State(url_builder): State<UrlBuilder>,
mut repo: BoxRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
cookie_jar: CookieJar,
Form(params): Form<Params>,
) -> Result<Response, RouteError> {
// First, figure out what client it is


@@ -18,14 +18,13 @@ use axum::{
extract::{Form, Path, State},
response::{Html, IntoResponse, Response},
};
use axum_extra::extract::PrivateCookieJar;
use hyper::StatusCode;
use mas_axum_utils::{
cookies::CookieJar,
csrf::{CsrfExt, ProtectedForm},
SessionInfoExt,
};
use mas_data_model::{AuthorizationGrantStage, Device};
use mas_keystore::Encrypter;
use mas_policy::PolicyFactory;
use mas_router::{PostAuthAction, Route};
use mas_storage::{
@@ -84,7 +83,7 @@ pub(crate) async fn get(
State(policy_factory): State<Arc<PolicyFactory>>,
State(templates): State<Templates>,
mut repo: BoxRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
cookie_jar: CookieJar,
Path(grant_id): Path<Ulid>,
) -> Result<Response, RouteError> {
let (session_info, cookie_jar) = cookie_jar.session_info();
@@ -149,7 +148,7 @@ pub(crate) async fn post(
clock: BoxClock,
State(policy_factory): State<Arc<PolicyFactory>>,
mut repo: BoxRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
cookie_jar: CookieJar,
Path(grant_id): Path<Ulid>,
Form(form): Form<ProtectedForm<()>>,
) -> Result<Response, RouteError> {